Техническая информация
- <SYSTEM32>\at.exe 09:51http://dr###piggy.com/dksjnslks.php?sd#####
- <SYSTEM32>\at.exe 10:51http://dr###piggy.com/dksjnslks.php?sd#####
- <SYSTEM32>\at.exe 07:51http://dr###piggy.com/dksjnslks.php?sd#####
- <SYSTEM32>\at.exe 08:51http://dr###piggy.com/dksjnslks.php?sd#####
- <SYSTEM32>\at.exe 13:51http://dr###piggy.com/dksjnslks.php?sd#####
- <SYSTEM32>\at.exe 14:51http://dr###piggy.com/dksjnslks.php?sd#####
- <SYSTEM32>\at.exe 11:51http://dr###piggy.com/dksjnslks.php?sd#####
- <SYSTEM32>\at.exe 12:51http://dr###piggy.com/dksjnslks.php?sd#####
- <SYSTEM32>\at.exe 06:51http://dr###piggy.com/dksjnslks.php?sd#####
- <SYSTEM32>\at.exe 00:51http://dr###piggy.com/dksjnslks.php?sd#####
- <SYSTEM32>\at.exe 01:51http://dr###piggy.com/dksjnslks.php?sd#####
- <SYSTEM32>\mshta.exe http://re###ury.com/inst.php?id###################
- <SYSTEM32>\cmd.exe /c ""%APPDATA%\asdfasfas.bat" "
- <SYSTEM32>\at.exe 04:51http://dr###piggy.com/dksjnslks.php?sd#####
- <SYSTEM32>\at.exe 05:51http://dr###piggy.com/dksjnslks.php?sd#####
- <SYSTEM32>\at.exe 02:51http://dr###piggy.com/dksjnslks.php?sd#####
- <SYSTEM32>\at.exe 03:51http://dr###piggy.com/dksjnslks.php?sd#####
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\inst[1].php
- %APPDATA%\asdfasfas.bat
- %APPDATA%\palladium.exe
- 're###ury.com':80
- 'localhost':1036
- re###ury.com/inst.php?id###################
- DNS ASK re###ury.com
- '<IP-адрес в локальной сети>':1037
- ClassName: 'Shell_TrayWnd' WindowName: ''